1. Field of the Invention
The present invention relates to a surrogate system that performs authentication operations required by a WWW (World Wide Web) server, and more particularly to a single sign-on system for web sites.
2. Description of the Related Art
As more and more web sites require user authentication, the user must do more user authentication operations. These operations impose a heavier burden on the user.
In addition, there is a need for a single sign-on system because it is cumbersome and difficult for the user to remember a plurality of user IDs and passwords.
To satisfy this need, a single sign-on system intended for a particular web site and a PKI (Public Key Infrastructure) based standard method have lately been put to practical use.
For example, Japanese Patent Laid-Open Publication No.2000-3334 has proposed a gateway system. This gateway system receives a user's request via a gateway, converts a user ID and a password, and sends them to the corresponding information providing server or to some other gateway. Upon receiving a response, the gateway system converts back the user ID and the password and returns them to the requesting user. In this way, this system provides users with desired information services, one user ID and one password for each user.
However, the conventional system described above has the following problems.
In a system intended for particular web sites, a web site cannot be added directly to a single sign-on system.
In many cases, the user authentication method at a web site must be changed or a web site must be placed at a particular address.
On the other hand, the PKI based user authentication method requires a user terminal to have the security function installed.
Conventionally, personal computers (PC) have been used for user terminals that access web sites. Recently, more and more terminals with no security function, such as cellular phones, personal digital assistants, and facsimiles (FAX), are used as terminals that access web sites. Therefore, it is virtually impossible for all terminals to be compatible with the PKI.